DEV Community


Posted on

Ximertracks YouTube and The Strange Hackings - Short Theory

This is an article that will give a couple of strange theories of the hacking channels. If you want further factually based information, below are three videos by SomeOrdinaryGamers that talk about this in further detail:
Etherium Foundation
Ximer Tracks

(to see how to protect yourself, there is a section below for that!)

Also, just for reference: I will keep the hacker's name as Logan because all three of these attacks follow the same style. I will not blame the Etherium Foundation or Ximer Tracks as they most likely have nothing to do with the actual hackings.

How these Hacks work

While the exact technical details are unknown, there is the general setup of how a channel becomes one of them.

  • A comment from a hacked channel comments on your video
  • Probable interactions
  • Your account gets hacked by technical means
    • 2FA through mobile is bypassed
    • 2FA apps might also have the issue
  • You might be locked out of your account
  • Profile picture and name changed
  • Your channel is now a spambot

Some might skip the change of profile picture and name. Again, the actual means of attack are completely unknown.

My Theory

A hacker, who for now we will name Logan, is behind all three attacks. The idea isn't too far-reaching, here is why. It all starts with the Etherium Foundation hack, where the channels changed to have a no-color version of the Etherium logo with the name Etherium always in it - unless the account was recovered. Sometimes it would include "Foundation" or some other word/spellings. This would be the first attack, beginning in January, but ending closer to late February for the Etherium channels. While Etherium isn't behind it, that was the foundation picked to name. While the hack never actually ended, some still being affected, the scale of the hack came to a huge slow-down in February. March is when the Ximer Tracks hacks began. Again Ximer Tracks isn't really behind the attack (by all probability), but a pawn in the scheme. The huge factor in the hacks is that Ximer Tracks accounts started to spring up around mid-to-late February. Right around when the Etherium channel hack was slowing. Why Logan would switch channels can be attributed to a couple of possible reasons, which we will get into, isn't important. Ximer Track hacks slowed down by mid-April when the Logan accounts hit.

Not only does the timeline add up, but so does the comments they make. Often being "wanna be friends?" or other variation. While the hacks might have this coincidentally, I wouldn't expect these hacks by different people at different times at different scales to follow not only the exact same hack format but comment as well.

They all are hacking normal user accounts, having the same attack patterns while having the same set of comments used in a stable timeline with one another.

Might I also point out that this could be a hacker-for-hire situation, as it is possible that someone is either paying for these hacks or is building a system so they can get paid for these hacks. Not that this idea is too far from possible. I know of normal websites with normal TLDs that offer hacker-for-hire services with normal-looking websites, some even being professionally made and hosted.

How to protect yourself from this

  • Don't respond to sketchy comments
  • Make sure you have 2FA on YouTube through applications (NOT SMS)
  • Use a very secure password
  • Use more than one password on a site
  • Don't use Password Manager websites that seem sketchy
  • Install HTTPS everywhere
  • Don't open random emails

Top comments (1)

vijai_bishnoi profile image
Vijay Bishnoi

How to Protect Social Media Accounts from hackers :